fmaury/seirdy.one
1
0
Fork 0
mirror of https://git.sr.ht/~seirdy/seirdy.one synced 2024-11-10 00:12:09 +00:00
Code Issues Projects Releases Wiki Activity

fix dead links

Browse source
This commit is contained in:
Rohan Kumar 2022-07-07 17:57:32 -07:00
parent 70b8a5e9cb
commit d2eb21a04c
No known key found for this signature in database
GPG key ID: 1E892DB2A5F84479
3 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
content/posts/cli-best-practices.gmi
View file

@ -104,7 +104,7 @@ $ moac -
-m -- mass at attacker's disposal (kg)
-q -- account for quantum computers using Grover's algorithm
```
=> https://sr.ht/~seirdy/moac MOAC
=> https://sr.ht/~seirdy/MOAC MOAC
### Misc

6
content/posts/cli-best-practices.md
View file

@ -104,7 +104,7 @@ This is a non-exhaustive list of simple, baseline recommendations for designing
4. Ensure that the `whatis` and `apropos` commands work as intended after installing your man pages. These commands parse the beginnings of man pages to give one-line summaries of programs, and often power advanced tab-completion setups.
{{<codefigure samp="true">}} {{< codecaption lang="console" >}} This is what tab-completion for [MOAC](https://sr.ht/~seirdy/moac) looks like with fzf-tab. {{< /codecaption >}}
{{<codefigure samp="true">}} {{< codecaption lang="console" >}} This is what tab-completion for [MOAC](https://sr.ht/~seirdy/MOAC) looks like with fzf-tab. {{< /codecaption >}}
```figure {samp=true}
$ moac -
@ -151,7 +151,7 @@ These considerations are far more subjective, debatable, and deserving of skepti
6. If you want to keep your tool simple, make the output readable to both humans and machines; it should work well when streamed to another program's standard input and when parsed by a person. This is especially useful when people redirect output streams to log files, and to screen readers.
7. Consider splitting related functionality between many executables (the UNIX way) and/or sub-commands (like Git). I split [MOAC's](https://sr.ht/~seirdy/moac) functionality across both `moac` and `moac-pwgen`, and gave `moac` three subcommands. The ["Consistent commands trees"](https://lucasfcosta.com/2022/06/01/ux-patterns-cli-tools.html#consistent-commands-trees) section of Lucas' article has good advice.
7. Consider splitting related functionality between many executables (the UNIX way) and/or sub-commands (like Git). I split [MOAC's](https://sr.ht/~seirdy/MOAC) functionality across both `moac` and `moac-pwgen`, and gave `moac` three subcommands. The ["Consistent commands trees"](https://lucasfcosta.com/2022/06/01/ux-patterns-cli-tools.html#consistent-commands-trees) section of Lucas' article has good advice.
8. Don't conflate CLIs and TUIs. A CLI should be non-interactive; a TUI should be interactive. Exceptions exist for really simple interfaces (e.g. Magic-Wormhole and others like it) that accept user input; however, as the interface grows more complex, consider splitting the program into two sibling programs, one of which can have a "pure" non-interactive CLI.
@ -209,7 +209,7 @@ References and further reading
[^2]: See [this Fediverse thread](https://mastodon.technology/@codeberg/108403449317373462) about forge accessibility.
[^3]: I need to take my own advice for programs like [moac](https://sr.ht/~seirdy/moac). Ugh.
[^3]: I need to take my own advice for programs like [MOAC](https://sr.ht/~seirdy/MOAC). Ugh.
[^4]: For a good example, see Git's distinction between regular output and porcelain-friendly output. The instability of the former and stability of the latter are explicitly documented in the Git man pages and in the official Git book.

2
content/posts/layered-content-blocking.md
View file

@ -79,7 +79,7 @@ I'll update this section as I collect feedback. Watch this space.
<q>Malicious extensions can still request permission to read the contents of the page. What have you done differently besides adding new APIs?</q>
: The difference is that these malicious extensions will require the extra permission to access your data for all websites, while extensions using declarative APIs will not. Security-conscious users can keep that fact in mind. However, we shouldn't speak for other users with different priorities.
I imagine that [an opinionated security-focused browser](https://hexavalent.org/) could make it possible for users to enable privileged extensions only on a site-by-site basis, for those interested. Personally, I think that it's probably best to limit scriptlet injection to signed scripts.[^7]
I imagine that [an opinionated security-focused browser](https://web.archive.org/web/20220607001654/https://hexavalent.org/) could make it possible for users to enable privileged extensions only on a site-by-site basis, for those interested <ins>(Update: Hexavalent has been discontinued)</ins>. Personally, I think that it's probably best to limit scriptlet injection to signed scripts.[^7]
Another difference is that while declarative filtering does have reduced functionality, it's also more effective in some ways. Declarative filters generally have a lower footprint and are less likely to experience the delayed execution that lets some unwanted content slip through.